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REMARKS 

This amendment is submitted in response to the final office action dated May 24, 
2005. Reconsideration and allowance of the claims is requested. In this office action, 
all the claims were rejected as anticipated by or obvious over Dorenbos US 5,751 ,813. 
This rejection is respectfully traversed. 

Dorenbos (5,751 ,813) column 3 lines 27-48 regarding the first-stage encrypted 
message is not for "privacy". Because it is encrypted by user's private key (as shown in 
Figure 2 and column 3 line 8-10), it is for authentication purpose. That is every body in 
the public can "decrypt" that first-stage message by user's public key (which by 
definition is publish in the public such every one can have access!) to verify whether this 
first-stage message is from the claimed user or not. Again, it is not for protecting the 
message from eavesdropping. The mechanism for protecting the eavesdropping in 
Dorenbos is the second-stage encrypting using server's public key; this is the single 
point of weakness in the system. If a hacker attacks the server successfully, he/she will 
be able to see all the message getting through the server using the server private key. 
Remember, the first-stage "encrypted" message can be decrypted by ANYBODY. 
Unlike the Dorenbos system, in this invention, if a hacker attacks the server 
successfully, he/she cannot decrypt the messages passing through the server at all. 

Dorenbos column 3 lines 5 - column 4 line 10 is not a teaching of deriving share 
secret. The Dorenbos teaching is summarized below and then compared with the 
claimed invention. 
Dorenbos teaching (system) 

1) user "encrypt" (more precisely "sign") message (M) with his/her private key (ui) => 
Eui(M) 

2) user encrypt Ui(M) with his/her ID and receipient ID1, ID2, .., IDn with server public 
key (sp) => Esp(Eui(M) + ID + ID1 + ID2 + .. + IDn) 

3) server receive message Esp(Eui(M) + ID + ID1 + ID2 + .. + IDn) and decrypt it with 
server private key (si) => Dsi(Esp(Eui(M) + ID + ID1 + ID2 + + IDn))= Eui(M) + ID + 
ID1 + ID2 + .. + |Dn 

4) server uses table lookup to find ID1, ID2, , IDn's public keys u1p, u2p, .., unp on the 
server 
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5) server send out encrypted message Eu1p(Eui(M)+ID) to userl, Eu2p(Eui(M)+ID) to 
user 2, Eunp(Eui(M)+ID) to usern. 
Our invention 

1) user requests receipients public keys (u1p, u2p f unp) from server 

2) user uses his/her own private key (ui) to derive share secret keys 
su1=ShareSecretFunction(ui,u1p), su2=ShareSecretFunction(ui,u2p), ... 
sun=ShareSecretFunction(ui,unp) 

3) user encrypt the message (M) with share secret key (su1 ) => Esu1(M) and send 
Esu1(M) + ID to userl, similarly, Esu2(M)+lD to user2 ... Esun(M)+ID to usern. 

4) server receives Esu1(M)+ID1, Esu2(M)+ID2 Esun(M)+IDn, it just passes them 

through to correspondent users, in this case userl, user2, usern. No decryption and 
re-encryption is needed. 

5) when userl receives Esu1(M)+ID, he/she will requests sender (ID) public key (up) 
from server. 

6) userl will use his/her own private key ui1 to derive the share secret key 
us1=ShareSecretFunction(ui1 r up). Mathematically we can prove that us1 will be equal 
to su1 (known in the skill of the art) 

7) userl will decrypt the receiving message using the us1 as Dus1(Esu1 (M)) = M. 

THE MAJOR DIFFERENCE of our invention is that if a hacker breaks in the 
server in our step 4, there is no way by using public keys in the server to decrypt 
Esu1(M) f Esu2(M), Esun(M). Because to decrypt these messages requires users' 
private keys information which are NOT stored in the server. The private key is stored in 
each individual user's PEAD. (On the contrary, public keys are stored in the server.) 

On the contrary, if a hacker breaks in the server in step 3 of Dorenbos system, 
the hacker can decrypt Eui(M) by sender's (user's) public key which is stored in the 
SERVER! That is Dup(Eui(M))=M. Remember where do we get the user's public key 
(up) — > it's from SERVER. 

Notations: E is for encryption function, Ek means Encrypt with key k. 

D is for decryption function, Dk means Decrypt with key k. 
Symmetric key encryption background: 
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if a message M is encrypted with key k, then it can be decrypted by the same key 
k as shown in the following simple notation: Dk(Ek(M))=M. 
Public key infrastructure background: 

if a message M is encrypted with a public key (up), then it can be decrypted by its 
correspondent private key (ui): Dui(Eup(M))=M and vice versa Dup(Eui(M)). 

In a public key infrastructure, the user needs to safe guard his/her own private 
key (ui), for example store a private key in his/her own PEAD and put the public key 
(up) to a public domain such as a server. 

Encrypted in private key Eui(M) usually is called digital signature, which every 
one can validate it by request the public key from a server to decrypt the message 
Dup(Eui(M))=M. If decrypt successfully, it authenticates the user who claims who he/she 
is. 

Encrypted in public key Eup(M) usually is for privacy. Because unless you have 
the user private key, NO Body else can decrypt the message except for the receiver 
who has the private key. 

In view of these distinctions, reconsideration and allowance is respectfully 
requested. 
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